How often have I now heard clients and colleagues say that migrating to a hybrid environment encompassing public cloud is easy? You just transfer the workload and, you know, public cloud is really safe. Well, I'm not sure I buy that argument. Let me explain why.
Public cloud is safe.
I will not dispute that AWS and Azure do a great job at securing their clouds up to the operating system level. Microsoft has a comprehensive description of their security features on this website. Amazon’s security is described here. So, yes, the public cloud providers are doing a good job of securing what they are responsible for. Your data is encrypted when it travels or is stored on their premises, and security is maintained to the latest standards. So, why am I stating there is more to it?
But you require end-to-end security
On Microsoft’s site one section is titled “Apps and Data”, but when you read it, it only speaks about data. Why? Because neither Microsoft nor Amazon is responsible for your applications. So application security cannot be guaranteed. And here is where the problem appears.
You have an existing application running from within your intranet, nicely shielded from the outside world through your own security perimeter. Outsiders may not even be able to access the application. And now you will take that application, put it out in the cloud somewhere and you expect it to be fully secure. Your users are now going through the standard internet, yes with SSL encryption probably, to access that application. And to make things more complicated, there is a high chance that this application continues to interact with other applications sitting behind your firewall. You’ve basically opened up a series of communication channels, visible to all, to this application. Are you sure that has been taken into account when the application was originally designed?
Hybrid IT requires an end-to-end design
A couple of months ago I had the opportunity to assist in the design and configuration of an Azure compartment. This is actually quite a complex endeavor and many decisions need to be taken. But what dawned on me is that no questions were asked about how the existing environment and Azure were going to be integrated to still provide end-to-end security.
You will need to think through how you are going to make your new environment secure and protected. You could expand your perimeter to include your public cloud compartment. That is, however, not the easiest and most secure way of doing things. You may also want to make sure that each application is secured and able to protect itself. This leads to five key subjects that need to be addressed.
1. Is your application itself handling security properly?
This is particularly important for applications used by external users. Hackers may use your application to enter your environment, for example by injecting code into some of the fields they can fill in. So, are you checking the length of the entry and that all the characters are alphanumeric? Are you stopping any unwanted activity? Are you making sure that under no circumstances your application keeps your system exposed in administration mode? I could go on like this. You understand what I mean. An application that is exposed to the outside world needs to ensure it does not retain any security holes. Properly testing the applications from a security perspective is strongly recommended before migrating an application to any cloud environment.
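The length and alphanumeric check asked about above can be written as an allowlist combined with a parameterized query. This is an added example, not code from the original post; the `users` table, the 32-character limit and all function names are assumptions made for illustration.

```python
import re
import sqlite3

# Allowlist: 1-32 ASCII letters or digits. \A and \Z anchor the whole string;
# "$" would also accept a trailing newline, and str.isalnum() would accept
# non-ASCII letters and digits.
USERNAME_RE = re.compile(r"\A[A-Za-z0-9]{1,32}\Z")


def validate_username(value):
    """Return the value unchanged if it passes the allowlist, else raise."""
    if not isinstance(value, str) or not USERNAME_RE.match(value):
        raise ValueError("username must be 1-32 ASCII letters or digits")
    return value


def find_user(conn, username):
    """Look up a user; the value is bound as a parameter, never concatenated."""
    username = validate_username(username)
    return conn.execute(
        "SELECT id, username FROM users WHERE username = ?", (username,)
    ).fetchone()


def make_sample_db():
    """Constructed in-memory table (hypothetical schema) for this example."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)")
    conn.executemany("INSERT INTO users (username) VALUES (?)",
                     [("alice",), ("bob42",)])
    return conn


def check_inputs(conn, candidates):
    """Return {input: 'found' | 'not found' | 'rejected'} for each candidate."""
    results = {}
    for candidate in candidates:
        try:
            found = find_user(conn, candidate)
            results[candidate] = "found" if found else "not found"
        except ValueError:
            results[candidate] = "rejected"
    return results


if __name__ == "__main__":
    # Constructed inputs: valid, unknown, trailing newline, too long, quote, fullwidth.
    samples = ["alice", "carol", "alice\n", "a" * 33, "bob42' --", "\uff41lice"]
    for value, outcome in check_inputs(make_sample_db(), samples).items():
        print(repr(value), "->", outcome)
```

Validation and parameter binding are independent layers: the query stays safe even if the allowlist is later relaxed to permit characters such as apostrophes.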
2. Strong and pervasive encryption
The security descriptions for public cloud I shared earlier highlight that for most of them data is encrypted both at rest and in transit. This means the data is encrypted by the cloud provider as long as the data resides in the cloud. In a hybrid IT environment there are many opportunities for the data to travel between the private and the public environment or even between two different public environments. Is the data also encrypted during those transfers? In the current mode of operations probably not, because it all happens behind the security perimeter. When the application is moved to the cloud that is no longer the case and additional encryption may be enforced. Actually, you may implement your own encryption for all data both in transit and at rest. When the data is in the cloud it will then be encrypted twice. That’s fine; it ensures nobody can get access to it without your keys.
3. Secure Transfer
This point complements the previous one. How will your public cloud integrate with your other environments? What approach are you taking? We all know the level of security guaranteed by HTTPS. That may not be enough though. So it’s worth looking at VPN or maybe even dedicated lines. To maximize your security, always encrypt your messages using these communication pipes.
APIs seem like the latest buzzword, but managing your APIs properly in a hybrid IT environment is critical. Ensuring these APIs cannot be called upon by unwanted visitors is mandatory to protect your environment. Particularly when you are interacting with other organizations you need to make sure you protect yourself. Regardless of which type of APIs you use, using API keys increases protection. Approaches such as OAuth 2.0 keep development simple while authenticating the API caller properly, reducing the risk of unwanted access.
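A minimal server-side API key check for calls from partner organizations, as an added example that is not part of the original post. The `ApiKeyStore` class, the `key_id.secret` format and the scope names are hypothetical; the point is that only digests are stored, comparison is constant-time, and each key is limited to granted scopes and can be revoked.

```python
import hashlib
import hmac
import secrets


def digest(api_key):
    """SHA-256 of the secret; the server stores this, never the secret itself."""
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()


class ApiKeyStore:
    """Hypothetical key registry for one API gateway (constructed for this example)."""

    def __init__(self):
        self._records = {}  # key id -> {"digest", "scopes", "revoked"}

    def issue(self, key_id, scopes):
        """Create a key for a caller; the secret is returned once and not kept."""
        secret = secrets.token_urlsafe(32)
        self._records[key_id] = {
            "digest": digest(secret), "scopes": set(scopes), "revoked": False,
        }
        return f"{key_id}.{secret}"

    def revoke(self, key_id):
        self._records[key_id]["revoked"] = True

    def authorize(self, presented, required_scope):
        """Return (allowed, reason) for a presented 'key_id.secret' string."""
        key_id, sep, secret = (presented or "").partition(".")
        record = self._records.get(key_id)
        if not sep or record is None:
            return False, "unknown key"
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(record["digest"], digest(secret)):
            return False, "bad secret"
        if record["revoked"]:
            return False, "revoked"
        if required_scope not in record["scopes"]:
            return False, "scope not granted"
        return True, "ok"


if __name__ == "__main__":
    store = ApiKeyStore()
    key = store.issue("partner-a", ["orders:read"])  # constructed caller and scope
    print(store.authorize(key, "orders:read"))
    print(store.authorize(key, "orders:write"))
```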
5. User Access and endpoint control
Last but far from least, the user. Frankly, in the current world where hacking seems to become the norm, be it in industry or politics, we do NOT train our end-users enough. It is key to have them understand the caution required to identify phishing e-mails, fake websites etc. That leads to an increasing attempt to gather user credentials and gain access to your environment. Having your users on the look-out for harmful e-mails is important. We already spoke about how to protect data entry screens so unfriendly users cannot harm the system. But that is not all. As mobile access becomes popular, the question of securing the mobile device comes to the forefront. Many companies allow their employees to use mobile devices for both private and company business. The private use leaves the device wide open, as you do not have any control over what the user will do. So, ensuring a clear separation between the private and company elements is critical. Ensuring all company data is encrypted all the time is also a good precaution. Both of these lead to devices that often run slower, but protect the enterprise.
Taking a holistic approach
As shown above, you really need to take a holistic approach to security in a hybrid environment. The drawing below tries to identify all possible security aspects you should take into account.
It’s a long list, and it may scare you off. The cloud platform aspects are taken into account by the cloud service provider, but it will be up to you to address the other ones. Make sure you understand this when you decide to implement a hybrid IT environment. Also, when you think about migrating existing applications, ensure you have the security aspects in mind. Is your application handling its own security? Or is it taking advantage of the environment in which it runs? If the latter is true, how will you ensure the same level of protection in your new environment? Yes, public cloud is secure, up to the level for which the supplier is responsible. That typically does not include your application.